Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.

Unlimited Access

Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.

Exam AZ-104 topic 5 question 4 discussion

Actual exam question from Microsoft's AZ-104
Question #: 4
Topic #: 5
[All AZ-104 Questions]

You have an Azure subscription that contains the resources shown in the following table.

LB1 is configured as shown in the following table.

You plan to create new inbound NAT rules that meet the following requirements:
✑ Provide Remote Desktop access to VM1 from the internet by using port 3389.
✑ Provide Remote Desktop access to VM2 from the internet by using port 3389.
What should you create on LB1 before you can create the new inbound NAT rules?

  • A. a frontend IP address
  • B. a load balancing rule
  • C. a health probe
  • D. a backend pool
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Mercator
Highly Voted 2 years, 4 months ago
I think the answer is correct. Key is port 3389 from the internet for both VMs. If we want to connect to two different machines on the same port we need to have two different frontend IPs for the port forwarding.
upvoted 63 times
lebowski
1 year, 3 months ago
That's right, you need to know the specific IP address of the VM, otherwise, you will randomly access any VM in the LB. It is A
upvoted 5 times
...
...
Vlako
Highly Voted 2 years, 5 months ago
This does not make sense. On existing LB, you can create NAT rule right away. The frontend IP address is already there. Imho maybe B is right, you need to set the load balancing rule for port 3389.
upvoted 40 times
kmaneith
1 year, 1 month ago
impossible IP1:3389 -> vm1:3389 IP1:3389 -> vm2:3389 ??? possible IP1:3389 -> vm1:3389 IP2:3389 -> vm2:3389 or IP1:3389 -> vm1:3389 IP1:3388 -> vm2:3389
upvoted 7 times
mung
1 year ago
Load balancer has a feature called 'Floating IP' that enables to reuse the backend ports with same Loadbalancer's FronendIP. So you are wrong.
upvoted 2 times
...
kmaneith
1 year, 1 month ago
https://learn.microsoft.com/en-us/azure/load-balancer/manage-inbound-nat-rules?tabs=inbound-nat-rule-portal
upvoted 1 times
...
...
joergsi
1 year, 11 months ago
Yes, the LB has one public IP assigned, but this is used for the Web-Server (Port 80 is in use), now we are adding a new service on port 3389 which needs a dedicated external IP.
upvoted 4 times
...
awssecuritynewbie
1 year, 2 months ago
it does not make sense they have listed the Fronted IP address as being "public" so it is there why we need it again.
upvoted 1 times
...
fazedenk
2 years, 5 months ago
Wouldn't you need a health probe first before defining a load balancing rule?
upvoted 3 times
fazedenk
2 years, 5 months ago
You can try this out yourself; when creating a new load balancing rule; you have to add a health probe inside the rule. Unless you are going to re-use the port 80 health probe which doesnt make sense.
upvoted 3 times
...
...
...
SgtDumitru
Most Recent 6 days, 1 hour ago
Since back-end pool, health probe and load balancing rule already are created, only public IP is missing.
upvoted 1 times
...
clg003
1 month, 2 weeks ago
Selected Answer: A
Again... dont understand the debate. The question reads... "What should you create on LB1 BEFORE you can create the new inbound NAT rules?" So I am not sure how people think they answer is B. Do they think that before they can create the rule they have to great the rule? It can have multiple front end IPs. https://learn.microsoft.com/en-us/azure/load-balancer/load-balancer-multivip-overview
upvoted 1 times
...
Vestibal
1 month, 4 weeks ago
Selected Answer: A
https://learn.microsoft.com/en-us/azure/load-balancer/manage-inbound-nat-rules?tabs=inbound-nat-rule-portal#add-a-single-vm-inbound-nat-rule Given the need to establish a point of contact for inbound network connectivity, the correct answer is A. a frontend IP address. This is essential as it serves as the entry point for traffic, which is then directed to the appropriate resources using NAT rules.
upvoted 1 times
...
sardonique
2 months, 2 weeks ago
this question is poorly formulated, you've already got all of the 4 possible answers within the LB itself. why would you need a second public ip address? this question is weird
upvoted 1 times
...
razzil
2 months, 2 weeks ago
Selected Answer: B
You can use the same IP Adress with different frontend ports IP1:3800 -> vm1:3389 IP1:3801 -> vm2:3389 The frontend port doesn't have to be Port 3389. The Frontend and Backend Ports doesn't have to be the same.
upvoted 1 times
...
KMLearn2
3 months ago
Selected Answer: A
the question does not really make sense: you don't need a load balancing rule, a health probe or a backend pool for single VM inbound NAT rule and there should already be a public IP you can use. e.g. you create 2x NAT rules: <pip>:3391 -> VM1:3389 and <pip>:3392 -> VM2:3389 but yeah, if you want <pip>:3389 then you need additional public IPs.... Source: https://learn.microsoft.com/en-us/azure/load-balancer/manage-inbound-nat-rules?tabs=inbound-nat-rule-portal#add-a-single-vm-inbound-nat-rule
upvoted 2 times
...
oopspruu
3 months, 2 weeks ago
Selected Answer: A
The whole point of NAT rules is that can access a specific port on the VM using any random port number you define in NAT rules. You can RDP to port 3389 using something like 132.25.32.125:9999 because NAT will translate the incoming port 9999 to 3389. What you really need is a public IP Address, without which it is not possible to RDP in the VM from Internet.
upvoted 2 times
...
danrodcard
3 months, 3 weeks ago
An inbound NAT rule forwards incoming traffic sent to frontend IP address and port combination. The traffic is sent to a specific virtual machine or instance in the backend pool. Port forwarding is done by the same hash-based distribution as load balancing. https://learn.microsoft.com/en-us/azure/load-balancer/components
upvoted 1 times
...
marioZuo
4 months, 1 week ago
We want to use NAT why we need LB rule? Confusing
upvoted 1 times
...
Sri944
4 months, 3 weeks ago
I believe the answer is Option A. NAT rule must be explicitly attached to a VM (or network interface) to complete the path to the target; whereas Load Balancing rule need not be. In the latter case, a VM is selected (from the back-end address pool or VMs) to complete the path to the target.
upvoted 1 times
...
stonwall12
5 months, 3 weeks ago
Frontend IP Address
upvoted 1 times
...
Rick2022
6 months ago
Answer is B Tested. You can use the same public ip with 2 rules balancing different ports for the same backend pool.
upvoted 2 times
...
Exilic
7 months, 2 weeks ago
Selected Answer: A
OpenAI "Before creating the new inbound NAT rules, you need to create a frontend IP address on LB1. The frontend IP address will be used to map the incoming traffic to the backend pool and backend VMs. Once you have created the frontend IP address, you can then create the new inbound NAT rules for port 3389 to provide Remote Desktop access to VM1 and VM2 from the internet. So the correct answer is A. a frontend IP address."
upvoted 3 times
...
margotfrpp
7 months, 2 weeks ago
Selected Answer: B
90% sure
upvoted 1 times
GoldBear
4 months, 1 week ago
You cannot save the Load Balancer Rule without specifying the IP. When the Front End IP is missing you receive the following error during validation: At least 1 frontend IP needs to be added for creating a Load Balancer
upvoted 1 times
...
...
dennysheng
7 months, 2 weeks ago
Weird question. What is the topic exactly willing to ask? Access RDP via LB? Attach LB a Public IP first? Whats is the point???
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...